Ransomware attacks on manufacturing and production organizations are on the rise with 65% of companies surveyed reporting ransomware attacks in the past year, a significant increase from 2020 when that figure was 46%, according to the cybersecurity firm Sophos.
The data is based on survey responses from 585 manufacturers and production companies worldwide – part of a larger cross-sectional survey of 5,000 companies in a variety of industries that employ between 100 and 5,000 employees.
Three out of four ransomware attacks on manufacturing organizations (74%) resulted in data encryption, the highest encryption rate for the sector in the last five years.
The survey found that 62% of the manufacturing organizations paid the ransom to get their data back. The percentage has almost doubled from Sophos’ 2023 study when the sector reported one of the lowest ransom payment rates (34%) across all sectors.
In 2024, manufacturing organizations reported a mean cost of $1.67 million to recover from a ransomware attack, an increase from the $1.08 million reported in 2023.
Although ransom payments have soared, the victims rarely pay the full sum demanded. Only 27% of manufacturing victims said that their payment matched the original request, 65% paid less than the original demand, and only 8% paid more.
The report said the 157 manufacturing respondents whose organizations paid the ransom shared the actual sum paid, revealing that the average (median) payment has increased by 167% over the last year, from $450,000 to $1.2 million.